From owner-freebsd-questions@FreeBSD.ORG  Tue Apr  8 19:32:05 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8A28837B401
	for <freebsd-questions@freebsd.org>;
	Tue,  8 Apr 2003 19:32:05 -0700 (PDT)
Received: from outbound0.sv.meer.net (outbound0.sv.meer.net [205.217.152.13])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1690B43F75
	for <freebsd-questions@freebsd.org>;
	Tue,  8 Apr 2003 19:32:05 -0700 (PDT)	(envelope-from jwz@jwz.org)
Received: from mail.meer.net (mail.meer.net [209.157.152.14])
	by outbound0.sv.meer.net (8.12.6/8.12.6) with ESMTP id h392Vi4x040079;
	Tue, 8 Apr 2003 19:31:45 -0700 (PDT)
	(envelope-from jwz@jwz.org)
Received: from jwz.org (h132.128.meer.net [209.157.133.132])
	by mail.meer.net (8.12.2/8.12.1/meer) with ESMTP id h392VhQW092916;
	Tue, 8 Apr 2003 19:31:44 -0700 (PDT)
Received: from grendel.jwz.org (localhost.localdomain [127.0.0.1])
	by jwz.org (8.11.6/8.11.6) with SMTP id h392Vh730396;
	Tue, 8 Apr 2003 19:31:43 -0700
Sender: jwz@jwz.org
Message-ID: <3E93860F.1896A053@jwz.org>
Date: Tue, 08 Apr 2003 19:31:43 -0700
From: Jamie Zawinski <jwz@jwz.org>
Organization: my own bad self
X-Mailer: Mozilla 3.02 (X11; N; Linux 2.4.9-13smp i686)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: shanehelms@eircom.net
Subject: Re: sysinstall and xscreensaver
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Apr 2003 02:32:05 -0000

Shane Helms wrote:
> 
> Against a determined adversary, xlockmore is probably (?) a bit more
> secure than xscreensaver

Excuse me?  In what bizarro-universe can you possibly imagine xlockmore
to be more secure than xscreensaver?

The xlock/xlockmore model (of running the graphics demos and security
code in the same address space) is *fundamentally* broken from a
security standpoint.  With xscreensaver's design, a fault in the
eye-candy code will not cause the screen to unlock, as happens with
xlock/xlockmore.

In detail: http://www.jwz.org/xscreensaver/versus-xlock.html

-- 
Jamie Zawinski
jwz@jwz.org             http://www.jwz.org/
jwz@dnalounge.com       http://www.dnalounge.com/